Victor Dabrinze
2024-10-04 15:22:32
siliconangle.com
Whether it’s the Volt Typhoon hack or one of several other attacks targeting the healthcare sector, something has become clear: speed is the name of the game. In addition, there’s been a rise in identity-based attacks aimed at crippling or, at the very least, disrupting public and private-sector operations.
“We had a customer that, on a Monday, hired one of these North Korean remote IT workers,” said Adam Meyers (pictured), senior vice president of Counter Adversary Operations at CrowdStrike Inc. “By Saturday, the laptop that they were being issued was shipped to a laptop farm where it was going to be plugged in. It was plugged in on Saturday. Within an hour, the Overwatch team notified the customer and they were able to terminate the employee. We have gotten pretty fast at stopping the threats.”
Meyers spoke with theCUBE Research’s Dave Vellante and Rebecca Knight at Fal.Con, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the importance of speed in detecting threats, the shift in adversary tactics and the growing role of artificial intelligence in both cyberattacks and defense. (* Disclosure below.)
Identity-based attacks on the rise
A key finding from CrowdStrike’s “2024 Threat Hunting Report” is the growing shift in how adversaries are targeting organizations. Attackers have moved away from traditional methods such as phishing emails containing malware-laden documents. Instead, they are increasingly focusing on identity-based attacks, which involve compromising legitimate credentials to infiltrate systems undetected, according to Meyers.
“They know if they come in with a compromised but legitimate credential, they’ve moved off the X,” he said. “Now, they can continue to operate without being detected. They’re able to operate as a legitimate user who’s just logged in, maybe, from a different location. Identity attacks have been probably the biggest issue I think we’ve covered in that last threat-hunting report.”
Cross-domain threat hunting has emerged as effective against identity-based attacks. By hunting across different domains — whether it’s the endpoint, cloud or hypervisor — organizations can detect malicious activity that might otherwise go unnoticed, Meyers added.
“As you start to bring in the identity protection data and you start to bring in your crowd data from your control plane and you start to bring in VPN concentrator logs, that’s where Next-Gen SIEM infused with intelligence and powered by threat hunting becomes a really critical capability,” he said.
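As an added illustration of the cross-domain hunting Meyers describes (example code written for this page, not CrowdStrike's or the article's), the snippet below correlates constructed identity-provider, VPN-concentrator and cloud control-plane events per user and flags a legitimate credential seen from an unexpected country, or from two countries across log sources within a short window. The normalised log format, the country field and the 15-minute window are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass
class Event:
    ts: datetime      # event time (UTC)
    domain: str       # log source: "idp", "vpn" or "cloud" (assumed names)
    user: str
    country: str      # geolocation of the source IP as resolved by that source

def parse(line):
    """Parse one normalised log line: '<iso-ts> <domain> <user> <country>'."""
    ts, domain, user, country = line.split()
    return Event(datetime.fromisoformat(ts), domain, user, country)

# Constructed sample: alice's normal morning, then bob's credential used from
# a second country while his own VPN session from the US is still active.
SAMPLE_LOGS = [
    "2024-10-04T08:01:00 idp   alice US",
    "2024-10-04T08:02:00 vpn   alice US",
    "2024-10-04T08:10:00 cloud alice US",
    "2024-10-04T09:00:00 vpn   bob   US",
    "2024-10-04T09:04:00 idp   bob   RO",
    "2024-10-04T09:06:00 cloud bob   RO",
]

def hunt(lines, baseline, window=timedelta(minutes=15)):
    """Correlate identity, VPN and control-plane events for each user.

    baseline maps user -> set of countries they normally log in from.
    Returns (user, finding) tuples:
      new_location  - an event country not in the user's baseline
      cross_domain  - two events from different log sources within `window`
                      attributed to different countries for the same user
    """
    by_user = {}
    for e in sorted((parse(l) for l in lines), key=lambda e: (e.user, e.ts)):
        by_user.setdefault(e.user, []).append(e)
    findings = []
    for user, evs in by_user.items():
        known = set(baseline.get(user, ()))
        for i, e in enumerate(evs):
            if e.country not in known:
                findings.append((user, f"new_location:{e.domain}:{e.country}"))
                known.add(e.country)  # report each unexpected country once
            for prev in evs[:i]:  # earlier events for this user, any source
                if (e.ts - prev.ts <= window and prev.domain != e.domain
                        and prev.country != e.country):
                    findings.append((user, f"cross_domain:{prev.domain}/"
                                     f"{prev.country}->{e.domain}/{e.country}"))
    return findings
```

The same single-source view of bob's VPN log or his cloud audit trail looks benign on its own; only joining the sources per user exposes the overlap.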
Here’s the complete video interview, part of SiliconANGLE’s and theCUBE Research’s coverage of Fal.Con:
(* Disclosure: CrowdStrike Inc. sponsored this segment of theCUBE.)
Photo: SiliconANGLE